Effective CISSP Questions

Which of the following is not a typical measure or practice implemented in a passive security strategy? (Wentz QOTD)
A. Vulnerability scanning 
B. Penetration testing
C. Incident response
D. Threat hunting

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Threat hunting.


Threat hunting, also known as cyberthreat hunting, is a proactive approach to identifying previously unknown, or ongoing non-remediated threats, within an organization’s network. (IBM)

Cyber threat hunting is an active cyber defence activity. It is “the process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions.” This is in contrast to traditional threat management measures, such as firewalls, intrusion detection systems (IDS), malware sandbox and SIEM systems, which typically involve an investigation of evidence-based data after there has been a warning of a potential threat. (Wikipedia)


